Lucene search
K

109 matches found

securityvulns
securityvulns
added 2006/05/17 12:0 a.m.120 views

[SA20136] FreeFTPd SFTP Key Exchange Algorithm String Buffer Overflow

TITLE: FreeFTPd SFTP Key Exchange Algorithm String Buffer Overflow SECUNIA ADVISORY ID: SA20136 VERIFY ADVISORY: http://secunia.com/advisories/20136/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: From remote SOFTWARE: FreeFTPd 1.x http://secunia.com/product/6138/ DESCRIPTION: A...

0.7AI score
Exploits0
Prion
Prion
added 2006/05/16 10:2 a.m.25 views

Stack overflow

Stack-based buffer overflow in 1 WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including 2 FreeSSHd 1.0.9 and 3 freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string...

7.5CVSS8.2AI score0.71375EPSS
Exploits11References18Affected Software3
NVD
NVD
added 2006/05/16 10:2 a.m.20 views

CVE-2006-2407

Stack-based buffer overflow in 1 WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including 2 FreeSSHd 1.0.9 and 3 freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string...

7.5CVSS7.9AI score0.71375EPSS
Exploits11References18
CVE
CVE
added 2006/05/16 10:0 a.m.81 views

CVE-2006-2407

The CVE-2006-2407 issue is a stack-based buffer overflow in FreeSSHd (including 1.0.9 and 1.3.3 DEMO) when processing a long key exchange algorithm string, enabling remote code execution. It also affects derivative products (FreeSSHd-based demos and FreeFTPd 1.0.10 as used in other packages). Pub...

7.5CVSS7.7AI score0.71375EPSS
Exploits11References18Affected Software3
Cvelist
Cvelist
added 2006/05/16 10:0 a.m.25 views

CVE-2006-2407

Stack-based buffer overflow in 1 WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including 2 FreeSSHd 1.0.9 and 3 freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string...

7.8AI score0.71375EPSS
Exploits11References18
Metasploit
Metasploit
added 2006/01/16 2:59 a.m.46 views

freeFTPd 1.0 Username Overflow

This module exploits a stack buffer overflow in the freeFTPd multi-protocol file transfer service. This flaw can only be exploited when logging has been enabled non-default. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS7.4AI score0.71506EPSS
Exploits8
Saint
Saint
added 2005/12/08 12:0 a.m.35 views

FreeFTPd user name buffer overflow

Added: 12/08/2005 CVE: CVE-2005-3683 BID: 15457 OSVDB: 20909 Background FreeFTPd is a free FTP/FTPS/SFTP server for Windows platforms. Problem An unauthenticated remote attacker could execute arbitrary commands by sending a long, specially crafted argument to the USER command. Resolution Upgrade ...

7.5CVSS7.5AI score0.71506EPSS
Exploits8
Saint
Saint
added 2005/12/08 12:0 a.m.57 views

FreeFTPd user name buffer overflow

Added: 12/08/2005 CVE: CVE-2005-3683 BID: 15457 OSVDB: 20909 Background FreeFTPd is a free FTP/FTPS/SFTP server for Windows platforms. Problem An unauthenticated remote attacker could execute arbitrary commands by sending a long, specially crafted argument to the USER command. Resolution Upgrade ...

7.5CVSS7.5AI score0.71506EPSS
Exploits8
Saint
Saint
added 2005/12/08 12:0 a.m.123 views

FreeFTPd user name buffer overflow

Added: 12/08/2005 CVE: CVE-2005-3683 BID: 15457 OSVDB: 20909 Background FreeFTPd is a free FTP/FTPS/SFTP server for Windows platforms. Problem An unauthenticated remote attacker could execute arbitrary commands by sending a long, specially crafted argument to the USER command. Resolution Upgrade ...

7.5CVSS7.5AI score0.71506EPSS
Exploits8
Saint
Saint
added 2005/12/08 12:0 a.m.42 views

FreeFTPd user name buffer overflow

Added: 12/08/2005 CVE: CVE-2005-3683 BID: 15457 OSVDB: 20909 Background FreeFTPd is a free FTP/FTPS/SFTP server for Windows platforms. Problem An unauthenticated remote attacker could execute arbitrary commands by sending a long, specially crafted argument to the USER command. Resolution Upgrade ...

7.5CVSS7.5AI score0.71506EPSS
Exploits8
Packet Storm
Packet Storm
added 2005/11/30 12:0 a.m.27 views

freeFTPDoS.txt

Author: Stefan Lochbihler Date: 24. November 2005 Software: freeFTPd Version: 1.0.10 URL: http://freeftpd.com/ Attack: Denial of service about: freeFTPd is a FTP/FTPS/SFTP server that enables user to access remote files over TCP/IP network such as Internet. Unlike FTP, FTPS and SFTP protocols...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/11/29 12:0 a.m.39 views

freeFTPd Multiple Command Malformed Argument Remote DoS

The remote host appears to be using freeFTPd, a free FTP / FTPS / SFTP server for Windows. The version of freeFTPd installed on the remote host crashes if it receives a PORT command with a port number from an authenticated user. In addition, the application reportedly will freeze for a period of...

6.8CVSS5.5AI score0.02989EPSS
Exploits1References2
NVD
NVD
added 2005/11/26 2:3 a.m.17 views

CVE-2005-3812

freeFTPd 1.0.10 allows remote authenticated users to cause a denial of service null dereference and crash via a PORT command with missing arguments...

6.8CVSS6.3AI score0.02989EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/11/26 2:0 a.m.21 views

CVE-2005-3812

freeFTPd 1.0.10 allows remote authenticated users to cause a denial of service null dereference and crash via a PORT command with missing arguments...

6.3AI score0.02989EPSS
Exploits1References4
CVE
CVE
added 2005/11/26 2:0 a.m.48 views

CVE-2005-3812

CVE-2005-3812 affects freeFTPd 1.0.10, where remote authenticated users can trigger a denial of service by sending a PORT command with missing arguments, causing a null dereference and crash. The issue is corroborated by multiple linked advisories and scanners (NVD/Nessus/OpenVAS entries) and is ...

6.8CVSS6.3AI score0.02989EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2005/11/26 12:0 a.m.32 views

freeFTPd 1.0.10 (Dos,Exploit)

Author: Stefan Lochbihler Date: 24. November 2005 Software: freeFTPd Version: 1.0.10 URL: http://freeftpd.com/ Attack: Denial of service about: freeFTPd is a FTP/FTPS/SFTP server that enables user to access remote files over TCP/IP network such as Internet. Unlike FTP, FTPS and SFTP protocols...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2005/11/24 12:0 a.m.12 views

FreeFTPD <= 1.0.10 (PORT Command) Denial of Service Exploit

No description provided by source. // freeFTPd Denial of Service Attack // Tested on a Win XP Sp1 Box include "stdio.h" include "winsock2.h" pragma comment lib,"ws232" define PORT 21 define USER "root" define PASS "root" define L "--------------------------------------------------" define HL...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2005/11/24 12:0 a.m.13 views

freeFTPd 1.0.10 - PORT Denial of Service

freeFTPd 1.0.10 - PORT Denial of Service // freeFTPd Denial of Service Attack // Tested on a Win XP Sp1 Box include "stdio.h" include "winsock2.h" pragma comment lib,"ws232" define PORT 21 define USER "root" define PASS "root" define L "--------------------------------------------------" define H...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2005/11/24 12:0 a.m.31 views

freeFTPd 1.0.10 - 'PORT' Denial of Service

// freeFTPd Denial of Service Attack // Tested on a Win XP Sp1 Box include "stdio.h" include "winsock2.h" pragma comment lib,"ws232" define PORT 21 define USER "root" define PASS "root" define L "--------------------------------------------------" define HL "freeFTPd 1.0.10 DoS Exploit by...

7.4AI score
Exploits0
NVD
NVD
added 2005/11/19 1:3 a.m.22 views

CVE-2005-3683

Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service application crash, and possibly execute arbitrary code, via a long USER command...

7.5CVSS7.7AI score0.71506EPSS
Exploits8References9
Rows per page
Query Builder